Before you create distributed firewall rules for a data center group, you can group data center group networks into static security groups to which the rules apply.

Static security groups are groups of data center group networks to which distributed firewall rules apply. Grouping networks helps you to reduce the total number of distributed firewall rules to be created.

Prerequisites

Verify that you have at least one data center group network that is backed by NSX.

Procedure

  1. From the primary left navigation panel, select Networking, and from the page top navigation bar, select the Data Center Groups tab.
    The list of data center groups appears.
  2. Click the target data center group.
  3. Under Security, click Static Groups and click New.
  4. Enter a name and, optionally, a description for the static group, and click Save.
    The new static security group appears in the list.
  5. Select the newly created static security group and click Manage Members.
  6. Select the data center group networks that you want to add to the static security group.
  7. Click Save.

What to do next

Add a Distributed Firewall Rule to a Data Center Group with an NSX Network Provider Type in the VMware Cloud Director Tenant Portal